Oracle Corporation Information for VU#466161
XML signature HMAC truncation authentication bypass
- Vendor Information Help Date Notified:
- Statement Date: 13 Jul 2009
- Date Updated: 13 Jul 2009
No statement is currently available from the vendor regarding this vulnerability.
Oracle WebLogic Server (Web Services Component) and Oracle Secure Development Toolkit/Oracle Web Services Manager are impacted by this issue. Please check http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2009.html for more information.
There are no additional comments at this time.